Sensitive Data Discovery and Remediation

The first step in determining the appropriate safeguards for a resource is to identify
the sensitivity of data it stores or handles. To this end, the University Information
Security Office (UISO) has made available a data discovery and remediation software,
Spirion (formerly Identity Finder), to assist USC faculty/staff, and organizational
units in identifying and remediating sensitive data on computers and servers. USC
has licensed the software for enterprise and home use for all faculty and staff in
the eight-campus system. Computers that store confidential or restricted data are
considered high risk. The compromise or loss/theft of one of these computers will
likely result in unauthorized access resulting in a data breach.

What is Spirion?

Spirion is a software program that searches computers, attached storage devices, and
network file shares for Personally Identifiable Information (PII) such as credit card,
social security, and bank account numbers. End-users can remediate any PII findings
on their local computer. Remediation options include the secure deletion, quarantine,
or encryption of files. Any sensitive data that you no longer need for your day-to-day
job should be permanently deleted.

How does Spirion work?

For personally owned computers, the end-user downloads and installs a software and
initiates a scan. At the completion of the scan, you can remediate PII findings. USC
has no visibility into these scans, scan results or the remediation actions taken
on personal devices.

For enterprise computers, your security liaison will ensure enterprise computers have
the agent installed. They will initiate scans through the Spirion Enterprise management
console. At the completion of the scan, you will receive a pop-up notification requesting
that you remediate any PII findings. You will also be able to run scans using the
application interface on your computer.

Do I have to use Spirion?

Data discovery and classification are required by the State of South Carolina’s Information
Security Program. The University of South Carolina's Spirion implementation meets
that requirement and ensures the university is compliant.

What is Spirion looking for?

USC’s focus is on discovering and remediating ABA bank routing, credit card, and social
security numbers on USC enterprise computers. It is also recommended that personally
owned computers used for work are scanned. Security liaisons and end-users can configure
scans to find the following data:

Social Security Numbers

Credit Card Numbers

Passwords

Health Information

Bank Account Numbers

Driver License Numbers

Dates of Birth

Phone Numbers

Other (using pattern matching)

How do I get Spirion?

Enterprise and Home use versions for Windows, Mac OS X, and Linux are available on software distribution.

What happened to Symantec DLP?

Symantec DLP was hugely successful with over 10,000 installations in the eight-campus
system. However, Spirion replaces Symantec DLP for the following reasons:

The notification and remediation of sensitive data proved difficult with Symantec
DLP as the software did not have a client GUI requiring the results and notifications
to be centrally managed. Symantec DLP did not provide a way to remediate PII findings.

The new SC State security and privacy standards require the university to classify
sensitive data sets. This feature is included in Spirion.

Spirion is licensed for enterprise and home use and supports Bring Your Own Devices
(BYOD).

Addresses the privacy concerns expressed by faculty and staff.

Symantec DLP did not support Linux, and the MAC OSX performance was poor.

Solution

Spirion

Spirion solves today's data protection challenges by giving you the tools needed to
safeguard sensitive data against the sophisticated, intrusive and hard to defend attacks
that are the most costly.